ISC StormCast for Friday, June 16th, 2023
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 16 June 2023
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Friday, June 16, 2023 edition of the Sansonet Storms, Stormcast. My name is Johannes Ulrich and I'm recording from Jacksonville, Florida. |
| 0:13.5 | When talking about vulnerability management, one step that's often overlooked is to actually verify if the fix that you applied works |
| 0:22.6 | and does prevent the vulnerability that it's supposed to prevent. |
| 0:27.5 | Ui-Shing's diary today has an interesting case where, well, this is exactly sort of what happened. |
| 0:34.6 | It was a vulnerability in, well, Adobe Acrobat Reader, and this vulnerability was |
| 0:41.2 | related to executing JavaScript and PDFs, something of course that often has caused problems, |
| 0:47.6 | so we wanted to just disable JavaScript processing in PDFs and found two different instructions to do so, one from the |
| 0:57.3 | vulnerability management tool that used, and the second instructions from Adobe itself. |
| 1:05.2 | Not surprising, the Adobe instructions did actually work, while the vulnerability management |
| 1:10.6 | tools instructions did not block while the vulnerability management tools instructions |
| 1:11.6 | did not block the execution of JavaScript as advertised. If you would have just followed |
| 1:18.5 | the tools instructions, well, you would have been left with a potentially vulnerable system. |
| 1:24.5 | I find that in particular organizations that focus on speed when patching |
| 1:29.1 | sometimes take shortcuts when it comes to actually validating that the patch did fix the |
| 1:35.6 | vulnerability. So don't skip that step. It's important. Otherwise, you may end up with more |
| 1:41.6 | vulnerabilities than you bargained for. |
| 1:45.9 | And imagine this, we do have a new vulnerability in Move It Transfer. |
| 1:50.6 | It's a critical vulnerability, no CVEE available yet as of June 15th, and this vulnerability |
| 1:58.0 | allows escalating privileges, but also allows unauthorized access to the environment. |
| 2:04.7 | As for the prior vulnerabilities, the workaround is, again, to disable all HDP and HDPS traffic. |
| 2:12.3 | If you still need HDP, HPS access to the environment. Well, one thing that Progress does suggest here, |
| 2:21.9 | you could set up a remote desktop access to the Windows machine running, move it, |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.